Author :
Benzidane, Karim ; Khoudali, Saad ; Sekkaki, Abderrahim
Author_Institution :
Fac. of Sci. Ain Chock, Comput. Sci. Dept., Univ. Hassan II, Casablanca, Morocco
Abstract :
Cloud Computing (CC) is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet. One of the key enablers for building Cloud environments is Virtualization. It offers a great level of efficiency and scalability that makes the complex processing of the Cloud possible. However, with these advantages come certain limitations, especially in relation to security. Virtualization vulnerabilities, and more specifically isolation, create new targets for intrusion due to the complexity of access and the difficulty of monitoring all interconnection points between systems, applications, and data sets. Hence, without strict controls put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and visibility issues of inter-VM traffic and proposes a solution for them within the Cloud context. The proposed approach provides Virtual Machine (VM) authentication and communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.
Keywords :
authorisation; cloud computing; trusted computing; virtual machines; CC; Internet; cloud computing; cloud context; cloud environment; communication integrity; inter-VM traffic; interconnection points; intrusion detection techniques; large-scale distributed computing paradigm; managed computing power; secured architecture; security attacks; security mechanisms; security policies; trusted transactions; unauthorized client data; virtual machine authentication; virtualization; visibility issues; Databases; IP networks; Payloads; Security; Subscriptions; Virtual machine monitors; Virtualization; Cloud Computing; Intrusion management; Security; Virtualization